CVE-2018-7836

EUVD-2018-19548
An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
schneider-electriciiot_monitor
3.1.38
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/106484
https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/
http://www.securityfocus.com/bid/106484
https://www.schneider-electric.com/en/download/document/SEVD-2018-354-03/